Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/1-RLao_ler7InLwc0LH0fTne84LQ.roa
File: 1-RLao_ler7InLwc0LH0fTne84LQ.roa (raw, json)
Hash identifier: r89n4jdr3oXEge5Q7CikO0pUbmaXxHDSB7JHztOVLn8=
Subject key identifier: F9:12:DA:A3:F9:5E:AF:B2:27:2F:07:34:2C:7D:1F:4E:77:BC:E0:B4
Certificate issuer: /CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Certificate serial: 0199048E92F83ED2068E04A831724853E90B
Authority key identifier: 11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/1-RLao_ler7InLwc0LH0fTne84LQ.roa
Signing time: Mon 01 Sep 2025 09:14:36 +0000
ROA not before: Mon 01 Sep 2025 09:14:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200019
IP address blocks: 2.59.219.0/24 maxlen: 24
45.93.8.0/24 maxlen: 24
45.93.9.0/24 maxlen: 24
45.148.244.0/24 maxlen: 24
78.40.116.0/24 maxlen: 24
78.40.117.0/24 maxlen: 24
93.185.167.0/24 maxlen: 24
176.116.0.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.crl
rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.mft
rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 06 Sep 2025 12:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:04:8e:92:f8:3e:d2:06:8e:04:a8:31:72:48:53:e9:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Validity
Not Before: Sep 1 09:14:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f912daa3f95eafb2272f07342c7d1f4e77bce0b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:1e:31:21:21:5a:71:a5:d4:1d:23:ac:1c:71:
88:b6:b0:1f:90:e8:d1:71:a7:7b:e1:9e:ab:ef:4a:
5e:0d:ad:37:7e:59:12:50:f8:66:19:5a:61:4d:ed:
05:b3:e1:3d:6f:1f:97:0b:39:5c:6c:ec:c2:30:95:
91:eb:dd:1c:02:e8:44:0a:31:03:31:ac:31:14:53:
3f:e8:f5:ea:6d:78:7d:58:e0:10:86:36:ea:2e:12:
44:5a:88:d9:68:29:ed:6a:40:e0:d1:02:7f:d9:77:
32:34:e6:cd:be:28:21:6c:93:47:80:dc:ab:e6:55:
77:9c:89:74:ae:4f:6b:fd:a9:98:43:50:9d:91:5c:
40:10:ae:7f:59:b8:ef:9a:64:26:5e:af:ce:0d:c6:
49:02:3f:9a:67:c8:69:d7:c8:a9:cc:cc:08:c9:b0:
5c:50:83:49:52:21:a2:59:3a:82:93:2e:4b:a2:12:
a6:ab:a4:d3:f6:9d:1d:0e:d6:30:42:9e:89:86:0c:
17:eb:36:f1:81:bb:80:a9:91:ec:ca:9f:67:e8:a4:
7a:94:5b:6f:56:39:e6:f5:e8:99:ac:86:23:0f:76:
f4:4e:74:c5:c1:0b:4d:c5:9e:37:91:28:80:c1:dd:
e6:75:c3:ae:8b:bc:26:b4:53:59:63:a3:81:58:ba:
44:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:12:DA:A3:F9:5E:AF:B2:27:2F:07:34:2C:7D:1F:4E:77:BC:E0:B4
X509v3 Authority Key Identifier:
keyid:11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/1-RLao_ler7InLwc0LH0fTne84LQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.219.0/24
45.93.8.0/23
45.148.244.0/24
78.40.116.0/23
93.185.167.0/24
176.116.0.0/24
Signature Algorithm: sha256WithRSAEncryption
20:0c:54:3e:f5:5f:f7:c3:ad:59:57:68:91:52:00:f3:f8:b4:
de:93:71:e2:80:dd:75:b2:81:cd:46:fc:e2:4f:fb:1c:29:c8:
03:0e:62:34:59:09:c8:0f:1c:63:33:6c:2a:35:f2:09:cf:4a:
54:a6:77:04:fd:7b:e3:99:f4:7b:0f:57:55:80:e3:c2:14:1e:
93:36:c1:a1:4e:76:72:80:f1:5e:ba:94:96:c4:87:75:d0:d0:
a7:c8:b1:71:2a:b3:68:83:bc:b5:3a:bb:e1:b3:65:f3:c5:bc:
fb:f8:d7:a0:5b:10:70:b2:1f:67:67:d8:98:4a:7e:86:4b:d1:
a0:e2:39:fd:2e:d0:27:1b:c7:30:fe:b0:93:eb:1c:b6:91:eb:
ac:e5:69:b5:52:33:4a:e6:95:ec:49:fa:ab:85:b0:8c:79:30:
b0:6b:28:20:7e:cc:8c:fd:20:8e:30:25:43:42:a3:c0:50:58:
7a:33:3e:86:af:c3:55:98:ae:b6:83:a0:77:cd:98:e6:f8:81:
3a:a2:63:ff:90:5c:8e:76:d4:00:0a:72:a3:36:8d:6d:76:a0:
29:be:77:56:57:85:78:65:4c:a2:fb:63:6a:dc:71:aa:13:f6:
f0:39:d5:ec:20:ec:de:82:65:3c:22:62:ac:32:4b:61:68:7b:
35:37:68:27
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAZkEjpL4PtIGjgSoMXJIU+kLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExYTAxMGY4N2EwNDliNmUyMWFiZWQ5YjQwOTgzYjA0ZjNm
MWM3ZTgwHhcNMjUwOTAxMDkxNDM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTEyZGFhM2Y5NWVhZmIyMjcyZjA3MzQyYzdkMWY0ZTc3YmNlMGI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqR4xISFacaXUHSOsHHGItrAfkOjR
cad74Z6r70peDa03flkSUPhmGVphTe0Fs+E9bx+XCzlcbOzCMJWR690cAuhECjED
MawxFFM/6PXqbXh9WOAQhjbqLhJEWojZaCntakDg0QJ/2XcyNObNvighbJNHgNyr
5lV3nIl0rk9r/amYQ1CdkVxAEK5/WbjvmmQmXq/ODcZJAj+aZ8hp18ipzMwIybBc
UINJUiGiWTqCky5LohKmq6TT9p0dDtYwQp6JhgwX6zbxgbuAqZHsyp9n6KR6lFtv
Vjnm9eiZrIYjD3b0TnTFwQtNxZ43kSiAwd3mdcOui7wmtFNZY6OBWLpENQIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFPkS2qP5Xq+yJy8HNCx9H053vOC0MB8GA1UdIwQY
MBaAFBGgEPh6BJtuIavtm0CYOwTz8cfoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUt
ZWU3NDY1NzU0ZmY2LzEvMS1STGFvX2xlcjdJbkx3YzBMSDBmVG5lODRMUS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNGIvZjI1ZDdjLTY2NzctNGZkYi04OThlLWVlNzQ2NTc1NGZm
Ni8xL0VhQVEtSG9FbTI0aHEtMmJRSmc3QlBQeHgtZy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA9BggrBgEFBQcBBwEB/wQuMCwwKgQCAAEwJAMEAAI72wME
AS1dCAMEAC2U9AMEAU4odAMEAF25pwMEALB0ADANBgkqhkiG9w0BAQsFAAOCAQEA
IAxUPvVf98OtWVdokVIA8/i03pNx4oDddbKBzUb84k/7HCnIAw5iNFkJyA8cYzNs
KjXyCc9KVKZ3BP1745n0ew9XVYDjwhQekzbBoU52coDxXrqUlsSHddDQp8ixcSqz
aIO8tTq74bNl88W8+/jXoFsQcLIfZ2fYmEp+hkvRoOI5/S7QJxvHMP6wk+sctpHr
rOVptVIzSuaV7En6q4WwjHkwsGsoIH7MjP0gjjAlQ0KjwFBYejM+hq/DVZiutoOg
d82Y5viBOqJj/5BcjnbUAApyozaNbXagKb53VleFeGVMovtjatxxqhP28DnV7CDs
3oJlPCJirDJLYWh7NTdoJw==
-----END CERTIFICATE-----
Generated at Fri Sep 5 22:09:42 2025 by rpki-client